Purchasing costs and licensing fees for software and hardware information technology (IT) resources can be a significant portion of an enterprise's budget. In order to reduce IT-related expenses, some enterprises provision a minimum profile of required IT resources to users in a request and review system. In this system, any additional IT resources which are needed are requested by users on an as-needed basis. The IT resources are provisioned upon receiving and approving the requests from the users. Unfortunately, this deliberate under-provisioning of IT resources is inefficient, slow, and unmanageable, particularly in enterprises with a large number of users, resulting in reduced productivity and increased overhead.
Instead of provisioning a minimum profile to each user, some enterprises provision IT resources to users based on a categorization of the users into a fixed role within the enterprise. Such role based access control (RBAC) can lead to both over-provisioning and under-provisioning, since all users associated with each of the roles will not likely have the same IT resource requirements.
In many enterprises, user roles change over time as users move departments, locations, or positions, for example. In a request and review system, users may have previously requested and been provisioned IT resource(s) that they are not currently using. In an RBAC approach, users may be provisioned IT resource(s) based on a role they no longer have. Accordingly, current provisioning methods can result in many users having provisioning profiles that are not aligned with their current requirements or usage. Such suboptimal provisioning of IT resources can result in increased cost to the enterprise, which is undesirable.